Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins maven vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend ...
Apache Maven
Quarkus Quarkus
Oracle Financial Services Analytical Applications Infrastructure
Oracle Goldengate Big Data And Application Adapters 23.1
1 Github repository
2.1
CVSSv2
CVE-2019-10361
Jenkins Maven Release Plugin 0.14.0 and previous versions stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system.
Jenkins M2release
6.8
CVSSv2
CVE-2019-10359
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and previous versions in the M2ReleaseAction#doSubmit method allowed malicious users to perform releases with attacker-specified options.
Jenkins M2release
3.5
CVSSv2
CVE-2019-10360
A stored cross site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and previous versions allowed malicious users to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins.
Jenkins M2 Release
3.5
CVSSv2
CVE-2022-34195
Jenkins Repository Connector Plugin 2.2.0 and previous versions does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Confi...
Jenkins Repository Connector
4.3
CVSSv2
CVE-2019-10324
A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and previous versions in ReleaseAction#doSubmit, GradleReleaseApiAction#doStaging, MavenReleaseApiAction#doStaging, and UnifiedPromoteBuildAction#doSubmit allowed malicious users to schedule a release ...
Jfrog Artifactory
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3